How to Remove/Add New/Old Cloud Service Account in AWS Cloud Discovery Job

Go to solution
balaji_prusty1
Giga Guru

‎03-14-2024 01:32 AM

Hi All,

 

We have configured AWS Cloud Discovery in our organisation and it is working fine. Now I need to remove some Old Cloud Service Accounts which have already been added to the current Cloud discovery job to discover. Like Other discovery jobs (CI Based) we are removed from the Discovery Range but for the cloud, I am not finding any option to remove the configured Service Account.  Only I can see the Cloud Service Account (cmdb_ci_cloud_service_account) where we define the master and child.

 

Can someone please help with this?

 

Thanks

Balaji

 

0 Helpfuls
  • 1,545 Views
1 ACCEPTED SOLUTION

Go to solution
Ram Devanathan1
ServiceNow Employee
ServiceNow Employee
In response to balaji_prusty1

‎03-15-2024 10:56 PM

ok makes sense and that's the solution forward for now. you have to remember to set up regular checks to add accounts as needed - it won't be immediate. you can keep that as part of the account creation/termination request workflow also if there's one.

View solution in original post

0 Helpfuls
25 REPLIES 25

Go to solution
balaji_prusty1
Giga Guru
In response to Ram Devanathan1

‎03-15-2024 10:44 PM

Thanks, Ram,

 

This is my case ID #CS7223130 which I raised for this.

 

I set the sys property false for "glide.discovery.cdu.auto_refresh_sub_accounts_and_ldcs". So it will not pick all the accounts again from the AWS console which we should not want to discover.

 

Created a discovery job without selecting "discover all members" (excluding that ac) and now reran it in Prod and monitoring.

 

Thanks

Balaji Prusty

 

0 Helpfuls

Go to solution
Ram Devanathan1
ServiceNow Employee
ServiceNow Employee
In response to balaji_prusty1

‎03-15-2024 10:56 PM

ok makes sense and that's the solution forward for now. you have to remember to set up regular checks to add accounts as needed - it won't be immediate. you can keep that as part of the account creation/termination request workflow also if there's one.

0 Helpfuls

Go to solution
balaji_prusty1
Giga Guru
In response to Ram Devanathan1

‎03-16-2024 01:12 AM

Thanks, Ram for Help on this. Yes, I understood, that it will not auto-fetch if any AC is created in AWS and needs to be monitored and manually added/removed. We have already requested an item configured for New Ac creation but it is only for approval. 

 

I think every time any new AC is added/deleted, need to create a discovery job as the current one will not take which is manually configured (Not select all).

 

Thanks

Balaji Prusty

0 Helpfuls

Go to solution
Ram Devanathan1
ServiceNow Employee
ServiceNow Employee
In response to balaji_prusty1

‎03-16-2024 01:22 AM

would love to talk to you on the new cloud account management app which would help you tie this workflow up - pl reach out to me at ramkumar<dot>devanathan<at>servicenow<dot>com if you are interested to do a beta test.

Ram

0 Helpfuls

Go to solution
Balaji Prusty
Tera Contributor
In response to Ram Devanathan1

‎03-17-2024 05:43 AM

Sure, Ram, I will reach you over the mail. Thanks a lot.

0 Helpfuls